Privilege Escalation Vulnerability in OpenStack Identity by OpenStack
CVE-2014-3476

Currently unrated

Key Information:

Vendor

Openstack
Status
Keystone
Vendor
CVE Published:
17 June 2014

What is CVE-2014-3476?

OpenStack Identity (Keystone) prior to specific versions is vulnerable to a privilege escalation flaw due to improper handling of chained delegation. This issue allows remote authenticated users to exploit trust or OAuth tokens with impersonation capabilities, enabling them to create new tokens with elevated roles. Such vulnerabilities can lead to unauthorized access and potential misuse of the OpenStack environment, compromising its integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2014...
vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/59547
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/68026
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.